Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-12-2017 Ran by Nico1 (14-12-2017 19:11:19) Running from C:\Users\Nico1\Desktop Windows 10 Home Version 1703 15063.726 (X64) (2017-07-12 18:18:51) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrador (S-1-5-21-1981303191-2494313758-1525745571-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-1981303191-2494313758-1525745571-503 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-1981303191-2494313758-1525745571-1002 - Limited - Enabled) Invitado (S-1-5-21-1981303191-2494313758-1525745571-501 - Limited - Disabled) Nico1 (S-1-5-21-1981303191-2494313758-1525745571-1001 - Administrator - Enabled) => C:\Users\Nico1 ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Avira Antivirus (Enabled - Up to date) {B3F630BD-538D-1B4A-14FA-14B63235278F} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Spybot - Search and Destroy (Disabled - Out of date) {4C1D9672-63FE-5C90-371E-8FDA591C5B75} AS: Avira Antivirus (Enabled - Up to date) {0897D159-75B7-14C4-2E4A-2FC449B26D32} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov) Adobe Flash Player 28 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 28.0.0.126 - Adobe Systems Incorporated) Apple Application Support (32 bits) (HKLM-x32\...\{FE5C2FAA-118D-4509-B51D-3F71CC9E1B3E}) (Version: 4.3 - Apple Inc.) Apple Application Support (64 bits) (HKLM\...\{2937FD88-C9D6-4B82-B539-37CD0A572F42}) (Version: 4.3 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.) Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.) Assassin's Creed IV Black Flag (HKLM-x32\...\Uplay Install 273) (Version: - Ubisoft) Avira (HKLM-x32\...\{4BC30143-FC17-4BA0-96C3-11F21F026099}) (Version: 1.2.100.18354 - Avira Operations GmbH & Co. KG) Hidden Avira (HKLM-x32\...\{638c58eb-e71e-4b96-8f16-c5a7dbc4293f}) (Version: 1.2.100.18354 - Avira Operations GmbH & Co. KG) Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.34.16 - Avira Operations GmbH & Co. KG) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Battlefield™ 1 (HKLM-x32\...\{335B50BC-6130-4BAF-9A6A-F1561270587B}) (Version: 1.0.51.22728 - Electronic Arts) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) CCleaner (HKLM\...\CCleaner) (Version: 5.37 - Piriform) Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.) Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.) Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.) Defraggler (HKLM\...\Defraggler) (Version: 2.21 - Piriform) Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment) Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games) Intel(R) Network Connections 19.5.300.2 (HKLM\...\PROSetDX) (Version: 19.5.300.2 - Intel) iTunes (HKLM\...\{A31C5565-90D9-4615-AE13-94D86C3836C7}) (Version: 12.3.3.17 - Apple Inc.) Java 8 Update 131 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180131F0}) (Version: 8.0.1310.11 - Oracle Corporation) Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{929CE49F-1CA7-4CF3-A9A1-6D757443C63F}) (Version: 1.2.0241 - Microsoft Corporation) Microsoft Office Professionnel Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-1981303191-2494313758-1525745571-1001\...\OneDriveSetup.exe) (Version: 17.3.7076.1026 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation) Mises à jour NVIDIA 29.1.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 29.1.0.0 - NVIDIA Corporation) Hidden Mozilla Firefox 57.0.2 (x64 fr) (HKLM\...\Mozilla Firefox 57.0.2 (x64 fr)) (Version: 57.0.2 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 57.0.2.6549 - Mozilla) NVIDIA Controlador de 3D Vision 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 388.13 - NVIDIA Corporation) NVIDIA Controlador de audio HD 1.3.35.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.35.1 - NVIDIA Corporation) NVIDIA Controlador de gráficos 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 388.13 - NVIDIA Corporation) NVIDIA GeForce Experience 3.10.0.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.10.0.95 - NVIDIA Corporation) NVIDIA Logiciel système PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation) NVIDIA Pilote du contrôleur 3D Vision 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation) Origin (HKLM-x32\...\Origin) (Version: 10.5.5.5003 - Electronic Arts, Inc.) Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Panel de control de NVIDIA 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 388.13 - NVIDIA Corporation) Hidden Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7572 - Realtek Semiconductor Corp.) REALTEK Wireless LAN Driver and Utility (HKLM-x32\...\{9C049499-055C-4a0c-A916-1D8CA1FF45EB}) (Version: 1.00.0139 - ) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.2.0 - Rockstar Games) Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.6.46 - Safer-Networking Ltd.) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) System Requirements Lab Detection (HKLM-x32\...\{A3CC435F-BF9A-458E-894F-9EA77BB1E6BB}) (Version: 6.1.4.0 - Husdawg, LLC) Uplay (HKLM-x32\...\Uplay) (Version: 4.9 - Ubisoft) Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) VLC media player (HKLM\...\VLC media player) (Version: 2.2.6 - VideoLAN) Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden Vuze (HKLM\...\8461-7759-5462-8226) (Version: 5.7.0.0 - Azureus Software, Inc.) Vuze (HKLM-x32\...\8461-7759-5462-8226) (Version: 5.7.6.0 - Azureus Software, Inc.) Windows 10 Update and Privacy Settings (HKLM\...\{4DFCD818-036A-4229-A67D-CF17DC461D92}) (Version: 1.0.14.0 - Microsoft Corporation) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => F:\Logiciels\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov) ContextMenuHandlers1: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2017-05-23] (Safer-Networking Ltd.) ContextMenuHandlers1: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2017-05-23] (Safer-Networking Ltd.) ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2017-12-14] (Avira Operations GmbH & Co. KG) ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => F:\Logiciels\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov) ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-10-27] (NVIDIA Corporation) ContextMenuHandlers6: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2017-05-23] (Safer-Networking Ltd.) ContextMenuHandlers6: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2017-05-23] (Safer-Networking Ltd.) ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2017-12-14] (Avira Operations GmbH & Co. KG) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {1438E640-F9AF-41A3-87CC-023BE8BCFCC3} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation) Task: {174200D5-F4F2-4359-829B-5EA3BB538247} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {1E157760-C2F7-4191-99D5-F4BD845DD12A} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe Task: {1EC41385-08B6-481F-8878-60C5779EB5BC} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe Task: {20709271-D052-4F7D-82D3-E41CD53821F1} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2017-05-23] (Safer-Networking Ltd.) Task: {32165A1C-3322-4780-88FA-AA7CC2E5AD05} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION Task: {33B418AB-1EB4-4419-ADCF-890C579CB300} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION Task: {3DBD242C-96AF-4F3A-A734-2D175BE84145} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe Task: {3DDE26A7-26E5-4F60-AB52-8F8253EBBE83} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION Task: {43EDBC3C-E4BB-4CBC-8322-33C1B90BC1BC} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe Task: {532C5E09-0FE0-4846-962C-D983340FB2F4} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-10-11] (NVIDIA Corporation) Task: {60191D57-A93C-45CA-80BE-E3AB5084FA50} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2017-05-23] (Safer-Networking Ltd.) Task: {6183EED8-31F2-4634-87AB-B4D59FA59303} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe Task: {623B818F-BF8A-4E79-8E30-2EE9412CADF6} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION Task: {69D6256B-B08F-46ED-8F34-5EB8C8677FBE} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2017-05-23] (Safer-Networking Ltd.) Task: {6AC2A500-F830-44C4-8BBE-9360B0074C6C} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {6F5171B2-4516-445B-AD0A-5FA4DF8292F4} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation) Task: {776D28E6-78FB-4D58-B2FA-6CED4C143DAB} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION Task: {7DE1FEF0-B256-443D-A785-467C11BCA256} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2017-11-08] (Piriform Ltd) Task: {7ECD02E9-D1DB-4BE3-9EF8-8D68AE30E0CB} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {8131A187-5366-4149-AF8F-0E75B231AC9E} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe Task: {815A773C-1F53-472B-B893-7DA21982EBA7} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe Task: {82E43D82-7884-491D-8755-6EAE3E95D2F6} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe Task: {83456966-75B9-4848-861C-E80BA786D2E2} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe Task: {86AB99EE-9DEC-489A-8635-3849CCB37DF9} - System32\Tasks\Microsoft Office 15 Sync Maintenance for NICO1-PC-Nico1 Nico1-PC => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [2012-10-01] (Microsoft Corporation) Task: {907EA353-9F92-429C-8187-95D5B8E9A549} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION Task: {93A5C392-86C3-43DE-A1F2-847E10CB7303} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {97C54FE1-9BC8-4B81-9602-0897050518F0} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-10-11] (NVIDIA Corporation) Task: {98FEF347-4739-4D7A-98B6-997BAD16F02C} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe Task: {9AA0F936-C579-4FA1-9E82-130ADA92E7F0} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-12-14] (Microsoft Corporation) Task: {9CFE4B5C-7C3B-43E6-A990-E0BD9D62E9ED} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION Task: {9E306530-D00B-40F0-AB6B-E19011E07176} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe Task: {9EAF7B6B-C704-4EF7-94E5-C0DE1B0695BD} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION Task: {9F24655C-C043-48C6-AB46-068E175B726C} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe Task: {A0BA5489-AAFC-45A9-B357-291FFF3D2FF8} - \RocketTab Update Task -> No File <==== ATTENTION Task: {A1CF2516-2441-4991-8ADD-239FE3D2542F} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe Task: {A43AF608-698B-4D8E-B961-E5FFB1E7035E} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-10-11] (NVIDIA Corporation) Task: {B88F6B70-3494-4B54-A521-96610FF6F5B8} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION Task: {B91C41DE-EDE9-4B14-8E80-F2B5F67C945C} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe Task: {C01BFE48-E42D-4BEE-A66D-8DA5434A3995} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-12-13] (Adobe Systems Incorporated) Task: {C137EFF9-99AD-4969-9FA7-C7B9700CD2E5} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe Task: {C77BC801-D207-4532-8FD3-0CEC05B59880} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe Task: {CB67B083-499A-4494-B52B-A755E92F434E} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe Task: {D003D607-ABC0-45FF-80E3-1FEE8C3341F7} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2017-12-14] (Avira Operations GmbH & Co. KG) Task: {D662C0DA-537B-4805-B1A3-9EC6A6591DD9} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-11-08] (Piriform Ltd) Task: {D8180871-D132-4F12-A00E-5C82981FE205} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-10-11] (NVIDIA Corporation) Task: {D9F47D5F-5CA2-4F03-9EDC-8D4C30B54980} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION Task: {DB6BBD85-91EC-4EFE-A734-FA4FDB50C536} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation) Task: {DBD848B1-4898-45E7-BAF3-2961234629A7} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-10-11] (NVIDIA Corporation) Task: {DC76AD52-72C5-4BBE-B42E-4B5BF0D54E73} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe Task: {DDB26709-8D8D-42C9-8DC4-14132548BF03} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-10-11] (NVIDIA Corporation) Task: {E0B9B5E8-A054-4B98-ADCC-C7D509160750} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-10-11] (NVIDIA Corporation) Task: {E4C59862-AEFD-4F43-9792-C1EE96498C5B} - \RocketTab -> No File <==== ATTENTION Task: {E716ED77-B543-4AA9-A7FA-E3B5D7565F6B} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-10-11] (NVIDIA Corporation) Task: {EA8B3501-5E99-41C5-B15F-4268170CB6CF} - System32\Tasks\Avira SystrayStartTrigger => Avira.SystrayStartTrigger.exe Task: {F07195BC-5A32-4FF7-BB8A-6CFDE622F01B} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe Task: {F81E2902-12C4-4523-BDBA-69965C46DDB8} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION Task: {FF6207AC-3AEA-4EB6-B2C5-F750D760F92E} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) ==================== Loaded Modules (Whitelisted) ============== 2016-03-18 21:56 - 2016-03-18 21:56 - 000092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2016-03-18 21:56 - 2016-03-18 21:56 - 001329936 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2016-11-20 19:28 - 2017-10-11 02:05 - 001267136 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll 2017-03-18 21:58 - 2017-03-18 21:58 - 000138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll 2017-03-18 21:59 - 2017-03-20 06:13 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2017-09-02 15:29 - 2017-05-12 10:36 - 000507464 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll 2017-09-02 15:29 - 2016-09-13 13:00 - 000109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl 2017-09-02 15:29 - 2016-09-13 13:00 - 000167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl 2017-09-02 15:29 - 2016-09-13 13:00 - 000416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl 2015-09-07 13:31 - 2009-08-28 16:38 - 000131072 _____ () C:\Program Files (x86)\REALTEK\11n USB Wireless LAN Utility\EnumDevLib.dll 2016-11-20 19:28 - 2017-10-11 02:05 - 001040320 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll 2016-11-20 19:28 - 2017-10-11 02:05 - 070805952 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com There are 7936 more sites. IE restricted site: HKU\S-1-5-21-1981303191-2494313758-1525745571-1001\...\007guard.com -> install.007guard.com IE restricted site: HKU\S-1-5-21-1981303191-2494313758-1525745571-1001\...\008i.com -> 008i.com IE restricted site: HKU\S-1-5-21-1981303191-2494313758-1525745571-1001\...\008k.com -> www.008k.com IE restricted site: HKU\S-1-5-21-1981303191-2494313758-1525745571-1001\...\00hq.com -> www.00hq.com IE restricted site: HKU\S-1-5-21-1981303191-2494313758-1525745571-1001\...\010402.com -> 010402.com IE restricted site: HKU\S-1-5-21-1981303191-2494313758-1525745571-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com IE restricted site: HKU\S-1-5-21-1981303191-2494313758-1525745571-1001\...\0scan.com -> www.0scan.com IE restricted site: HKU\S-1-5-21-1981303191-2494313758-1525745571-1001\...\1-2005-search.com -> www.1-2005-search.com IE restricted site: HKU\S-1-5-21-1981303191-2494313758-1525745571-1001\...\1-domains-registrations.com -> www.1-domains-registrations.com IE restricted site: HKU\S-1-5-21-1981303191-2494313758-1525745571-1001\...\1000gratisproben.com -> www.1000gratisproben.com IE restricted site: HKU\S-1-5-21-1981303191-2494313758-1525745571-1001\...\1001namen.com -> www.1001namen.com IE restricted site: HKU\S-1-5-21-1981303191-2494313758-1525745571-1001\...\100888290cs.com -> mir.100888290cs.com IE restricted site: HKU\S-1-5-21-1981303191-2494313758-1525745571-1001\...\100sexlinks.com -> www.100sexlinks.com IE restricted site: HKU\S-1-5-21-1981303191-2494313758-1525745571-1001\...\10sek.com -> www.10sek.com IE restricted site: HKU\S-1-5-21-1981303191-2494313758-1525745571-1001\...\12-26.net -> user1.12-26.net IE restricted site: HKU\S-1-5-21-1981303191-2494313758-1525745571-1001\...\12-27.net -> user1.12-27.net IE restricted site: HKU\S-1-5-21-1981303191-2494313758-1525745571-1001\...\123fporn.info -> www.123fporn.info IE restricted site: HKU\S-1-5-21-1981303191-2494313758-1525745571-1001\...\123haustiereundmehr.com -> www.123haustiereundmehr.com IE restricted site: HKU\S-1-5-21-1981303191-2494313758-1525745571-1001\...\123moviedownload.com -> www.123moviedownload.com IE restricted site: HKU\S-1-5-21-1981303191-2494313758-1525745571-1001\...\123simsen.com -> www.123simsen.com There are 7936 more sites. ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 03:34 - 2017-09-23 12:00 - 000454512 ____N C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 www.007guard.com 127.0.0.1 007guard.com 127.0.0.1 008i.com 127.0.0.1 www.008k.com 127.0.0.1 008k.com 127.0.0.1 www.00hq.com 127.0.0.1 00hq.com 127.0.0.1 010402.com 127.0.0.1 www.032439.com 127.0.0.1 032439.com 127.0.0.1 www.0scan.com 127.0.0.1 0scan.com 127.0.0.1 1000gratisproben.com 127.0.0.1 www.1000gratisproben.com 127.0.0.1 1001namen.com 127.0.0.1 www.1001namen.com 127.0.0.1 100888290cs.com 127.0.0.1 www.100888290cs.com 127.0.0.1 www.100sexlinks.com 127.0.0.1 100sexlinks.com 127.0.0.1 10sek.com 127.0.0.1 www.10sek.com 127.0.0.1 www.1-2005-search.com 127.0.0.1 1-2005-search.com 127.0.0.1 123fporn.info 127.0.0.1 www.123fporn.info 127.0.0.1 www.123haustiereundmehr.com 127.0.0.1 123haustiereundmehr.com 127.0.0.1 123moviedownload.com 127.0.0.1 www.123moviedownload.com There are 15600 more lines. ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-1981303191-2494313758-1525745571-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR HKLM\...\StartupApproved\Run: => "iTunesHelper" HKU\S-1-5-21-1981303191-2494313758-1525745571-1001\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-1981303191-2494313758-1525745571-1001\...\StartupApproved\Run: => "CCleaner Monitoring" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{7E95B270-1CCE-4101-AA71-2BCEC2A8A91E}] => (Allow) F:\Jeux\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed IV Black Flag\AC4BFMP.exe FirewallRules: [{3F66D1F1-9FED-43E9-8FA9-9D307E92EB50}] => (Allow) F:\Jeux\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed IV Black Flag\AC4BFMP.exe FirewallRules: [{8E02DF82-758D-4A96-B2F6-3944D3D4CADA}] => (Allow) F:\Jeux\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed IV Black Flag\AC4BFSP.exe FirewallRules: [{B052159B-CCAD-468E-939A-BA1973C1D48C}] => (Allow) F:\Jeux\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed IV Black Flag\AC4BFSP.exe FirewallRules: [{CA91CE30-6BDD-4ED8-9311-AA6804DB88C7}] => (Allow) F:\Logiciels\Steam\steamapps\common\Ori DE\oriDE.exe FirewallRules: [{54A6F4F5-DFAC-42EA-8C4D-A95A971CA7A3}] => (Allow) F:\Logiciels\Steam\steamapps\common\Ori DE\oriDE.exe FirewallRules: [{45A7986D-5980-4CB3-9956-7DF1BB2AC79D}] => (Allow) F:\Logiciels\Steam\steamapps\common\Fallout Shelter\FalloutShelter.exe FirewallRules: [{A5C4AF9C-1051-4453-8B5C-A6EA09051E61}] => (Allow) F:\Logiciels\Steam\steamapps\common\Fallout Shelter\FalloutShelter.exe FirewallRules: [{4FC4BB57-FF9D-4D41-8895-8201991C8D73}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{6C90F32B-8379-4880-9287-2B4F6877027C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{A6A634FA-082D-400A-9B45-6C92F6EA76AF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{36BD01D4-6DF9-49E0-8E6D-8AAA255E759F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{5D91541D-D3F2-43BC-A14A-870E614A0C09}] => (Allow) F:\Logiciels\Steam\steamapps\common\Fallout 4\Fallout4Launcher.exe FirewallRules: [{A190257D-9EB9-4D49-8AEC-C58D7BF21813}] => (Allow) F:\Logiciels\Steam\steamapps\common\Fallout 4\Fallout4Launcher.exe FirewallRules: [{FE557F2D-49BD-40E5-9D44-CFEB830892EA}] => (Allow) F:\Logiciels\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{27005264-B950-4D98-BCB2-427A4EF8F191}] => (Allow) F:\Logiciels\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{F3E19C5F-225C-4815-9BAA-366CE2AB4493}] => (Allow) F:\Logiciels\Steam\steamapps\common\Just Cause 3\JustCause3.exe FirewallRules: [{B014B7D7-45F5-4E1B-AEB4-7D7787FE91AF}] => (Allow) F:\Logiciels\Steam\steamapps\common\Just Cause 3\JustCause3.exe FirewallRules: [UDP Query User{D9DEFF20-17D5-4056-9C36-A355B2DDA743}F:\logiciels\steam\steamapps\common\the vanishing of ethan carter redux\ethancarter\binaries\win64\ethancarter-win64-shipping.exe] => (Allow) F:\logiciels\steam\steamapps\common\the vanishing of ethan carter redux\ethancarter\binaries\win64\ethancarter-win64-shipping.exe FirewallRules: [TCP Query User{7B9AA542-44B3-4FFE-8285-78953D93ABD5}F:\logiciels\steam\steamapps\common\the vanishing of ethan carter redux\ethancarter\binaries\win64\ethancarter-win64-shipping.exe] => (Allow) F:\logiciels\steam\steamapps\common\the vanishing of ethan carter redux\ethancarter\binaries\win64\ethancarter-win64-shipping.exe FirewallRules: [{1438574C-3C42-4F14-8E79-26B739DC3D92}] => (Allow) F:\Logiciels\Steam\steamapps\common\The Vanishing of Ethan Carter Redux\EthanCarter.exe FirewallRules: [{FBFE76B7-3C03-4058-86F9-E00AABE52BBF}] => (Allow) F:\Logiciels\Steam\steamapps\common\The Vanishing of Ethan Carter Redux\EthanCarter.exe FirewallRules: [{71D1A034-9885-4B39-97C6-B01B9B72EF87}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{A4D8370E-05AF-442B-8901-0AE49BE89CCA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{97E18D8D-0E55-4922-A563-4CF3EB036423}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{E63DFBF7-9D66-4811-A543-43C9AFA738D5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{D9BA3C4A-F408-435B-AA7A-A9155A8BA3D2}] => (Allow) F:\Logiciels\Steam\Steam.exe FirewallRules: [{B8548FA7-5071-46B8-952B-5AB318E7BA6A}] => (Allow) F:\Logiciels\Steam\Steam.exe FirewallRules: [{E44A097C-2ADC-4E04-919B-C2952EAF3334}] => (Allow) LPort=48113 FirewallRules: [{124DCCDE-8C96-4D8E-86EE-D2AD695153BA}] => (Allow) LPort=48114 FirewallRules: [{1A9B8D5F-9F64-4A6B-BB33-3EE65D417ECB}] => (Allow) F:\Logiciels\Steam\steamapps\common\Hitman Absolution\HMA.exe FirewallRules: [{734AE1F7-8626-42D2-AFE9-B2078FB0BF3E}] => (Allow) F:\Logiciels\Steam\steamapps\common\Hitman Absolution\HMA.exe FirewallRules: [TCP Query User{6E2BDE1F-5A6B-4974-9FEB-D464394A3A43}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [UDP Query User{DFA4074E-A0EC-4A7A-AD41-E57D4C5A9794}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [{FEEB200F-135A-40EB-BE47-D8847A66E020}] => (Allow) F:\Logiciels\Steam\steamapps\common\Banished\Application-steam-x64.exe FirewallRules: [{002AA504-B226-498A-B1B3-EF3DDE90C788}] => (Allow) F:\Logiciels\Steam\steamapps\common\Banished\Application-steam-x64.exe FirewallRules: [TCP Query User{2F89D742-ECB9-4A7D-B82A-1288A6768B5F}F:\jeux\rockstar games\grand theft auto v\gta5.exe] => (Allow) F:\jeux\rockstar games\grand theft auto v\gta5.exe FirewallRules: [UDP Query User{F0AE2973-CE6F-4924-94CC-E7C18C20C148}F:\jeux\rockstar games\grand theft auto v\gta5.exe] => (Allow) F:\jeux\rockstar games\grand theft auto v\gta5.exe FirewallRules: [{1F7D42A9-E58A-4747-B4E4-619EF8D6FB27}] => (Allow) F:\Logiciels\Battle.net\Battle.net.exe FirewallRules: [{F20E7E72-C041-42F2-A966-591154A6F6C5}] => (Allow) F:\Logiciels\Battle.net\Battle.net.exe FirewallRules: [TCP Query User{B2432031-0A6F-4F62-B344-7B85DD800FCF}F:\jeux\diablo iii\diablo iii.exe] => (Allow) F:\jeux\diablo iii\diablo iii.exe FirewallRules: [UDP Query User{5C70ACD8-4E11-47C4-89BC-CE4F4F438FF3}F:\jeux\diablo iii\diablo iii.exe] => (Allow) F:\jeux\diablo iii\diablo iii.exe FirewallRules: [{50E07D21-9ECA-4EC3-A5CC-928521F2FF83}] => (Allow) C:\Program Files (x86)\REALTEK\11n USB Wireless LAN Utility\RtWLan.exe FirewallRules: [{04EBA7D3-35A8-4AFE-AA99-1D57BC05D59E}] => (Allow) C:\Program Files (x86)\REALTEK\11n USB Wireless LAN Utility\RtWLan.exe FirewallRules: [{BC250322-0928-4B44-9DFC-A56CA8A252D4}] => (Allow) LPort=1542 FirewallRules: [{ADF1229A-3E5E-4644-8D10-6A03BC4CF0CE}] => (Allow) LPort=1542 FirewallRules: [{CD59A37D-F2F6-48CE-A49C-4DE557CA09DE}] => (Allow) LPort=53 FirewallRules: [{08D55F1F-5898-4365-B06E-51F0B852EEE9}] => (Allow) F:\Logiciels\Vuze\Azureus.exe FirewallRules: [{66018273-C41D-44B1-B753-46C2AE869297}] => (Allow) F:\Logiciels\Vuze\Azureus.exe FirewallRules: [{106984CD-B42D-4B7F-A804-BD8A09898EDF}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{A7677BAC-965A-4E82-837F-FA3E7A782297}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{5633A381-E2FD-4080-B729-78D62E322E8D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{CBCB2C8F-7626-447F-A100-17DB32F7DC4D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{654CFAF8-BD75-4771-AE7F-B5E786185899}] => (Allow) F:\Logiciels\iTunes\iTunes.exe FirewallRules: [{06028CBE-96EC-43F9-8486-4341F7C28418}] => (Allow) F:\Logiciels\Steam\steamapps\common\This War of Mine\This War of Mine.exe FirewallRules: [{AC5EF75D-76F2-4A27-9BAE-1B06F3097395}] => (Allow) F:\Logiciels\Steam\steamapps\common\This War of Mine\This War of Mine.exe FirewallRules: [{E18F20EF-1FF7-4DDF-99C5-54539B724EAA}] => (Allow) F:\Logiciels\Steam\steamapps\common\This War of Mine\Storyteller.exe FirewallRules: [{F1C2364E-6C84-4A16-87E6-C30FC73B2040}] => (Allow) F:\Logiciels\Steam\steamapps\common\This War of Mine\Storyteller.exe FirewallRules: [{0B6477F2-C5B0-4C03-892F-8791A6EB92CD}] => (Allow) F:\Logiciels\Steam\steamapps\common\Prison Architect\Prison Architect.exe FirewallRules: [{C65135B6-C904-4DFD-A494-A1BFDE3682DB}] => (Allow) F:\Logiciels\Steam\steamapps\common\Prison Architect\Prison Architect.exe FirewallRules: [{A50E5956-7ED0-4393-A04B-F50931DE90F3}] => (Allow) F:\Logiciels\Steam\steamapps\common\Prison Architect\Prison Architect Safe Mode.exe FirewallRules: [{67E2DDAA-D70D-4032-A3D5-7B2B289C93A4}] => (Allow) F:\Logiciels\Steam\steamapps\common\Prison Architect\Prison Architect Safe Mode.exe FirewallRules: [{31C5EC2C-4AB4-4B49-8B6E-B88D0B14C684}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{2838653B-9DBA-408E-A306-1D25E15BF0BC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{6C4B5EC3-84D2-4E13-BA9D-0734606ECCCC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{6D6A3485-C45E-4A92-8242-0CF223A0D585}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{514F5DE4-1351-40C1-A0C2-EF59D72C5B02}] => (Allow) F:\Logiciels\Steam\steamapps\common\The Walking Dead\WalkingDead101.exe FirewallRules: [{9EB87D23-7DDD-45DE-B6EC-E7B9DB0BBB39}] => (Allow) F:\Logiciels\Steam\steamapps\common\The Walking Dead\WalkingDead101.exe FirewallRules: [{0B92A14B-2E24-43BC-9ABC-5FE337769AA7}] => (Allow) F:\Logiciels\Steam\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe FirewallRules: [{C10780D2-6097-43AB-8F65-3EB3076AAF21}] => (Allow) F:\Logiciels\Steam\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe FirewallRules: [{7FD9F462-4C38-4F3A-8EB7-9449962C21A5}] => (Allow) F:\Program Files (x86)\Origin Games\Battlefield 1\bf1Trial.exe FirewallRules: [{B20FC834-6B71-499C-BF36-92CA969A1099}] => (Allow) F:\Program Files (x86)\Origin Games\Battlefield 1\bf1Trial.exe FirewallRules: [{2CD67239-6452-4D5A-8775-F4F446AF971A}] => (Allow) F:\Program Files (x86)\Origin Games\Battlefield 1\bf1.exe FirewallRules: [{84BDF667-EF5E-4028-AAD2-3CE888F91091}] => (Allow) F:\Program Files (x86)\Origin Games\Battlefield 1\bf1.exe FirewallRules: [{4A113745-2D0F-434F-997A-B60437A48A87}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{80D751AA-A654-47FD-9CA6-29F799986F9E}] => (Allow) F:\Logiciels\Vuze\Azureus.exe FirewallRules: [{7A4C2E94-385A-47F9-AB7C-67C44A339712}] => (Allow) F:\Logiciels\Vuze\Azureus.exe FirewallRules: [{C7753E7D-BD97-42AE-84BB-057A8C5CA6DE}] => (Allow) F:\Logiciels\Steam\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe FirewallRules: [{071F0C2C-DF9D-46FC-B3D0-C3AF8E09F3E5}] => (Allow) F:\Logiciels\Steam\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe FirewallRules: [{31E726EF-0721-4134-8A2A-063886151CB6}] => (Allow) F:\Logiciels\Steam\steamapps\common\Cities_Skylines\Cities.exe FirewallRules: [{959B821E-90C8-4839-BF93-99751E271AEC}] => (Allow) F:\Logiciels\Steam\steamapps\common\Cities_Skylines\Cities.exe StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service ==================== Restore Points ========================= ATTENTION: System Restore is disabled ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (12/14/2017 06:26:49 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: NICO1-PC) Description: Échec de l’activation de l’application Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy!App avec l’erreur : -2144927142 Pour plus d’informations, voir le journal Microsoft-Windows-TWinUI/Opérationnel. Error: (12/14/2017 06:23:27 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: Échec de la procédure d’ouverture pour le service « BITS » dans la DLL « C:\Windows\System32\bitsperf.dll ». Les données de performance de ce service ne seront pas disponibles. Le premier mot (DWORD) de la section Données contient le code d’erreur. Error: (12/14/2017 06:22:14 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 18 0.6.8.7.D.3.7.A.5.4.7.4.3.B.4.F.0.0.0.0.0.0.0.0.0.0.0.0.0.8.E.F.ip6.arpa. PTR Nico1-PC-2.local. Error: (12/14/2017 06:22:14 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Received from 192.168.1.12:5353 16 0.6.8.7.D.3.7.A.5.4.7.4.3.B.4.F.0.0.0.0.0.0.0.0.0.0.0.0.0.8.E.F.ip6.arpa. PTR Nico1-PC.local. Error: (12/14/2017 06:22:14 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 18 12.1.168.192.in-addr.arpa. PTR Nico1-PC-2.local. Error: (12/14/2017 06:22:14 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Received from 192.168.1.12:5353 16 12.1.168.192.in-addr.arpa. PTR Nico1-PC.local. Error: (12/14/2017 06:22:13 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Local Hostname Nico1-PC.local already in use; will try Nico1-PC-2.local instead Error: (12/14/2017 06:22:13 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister 4 Nico1-PC.local. Addr 192.168.1.12 Error: (12/14/2017 06:22:13 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Received from 192.168.1.12:5353 16 Nico1-PC.local. AAAA 2A01:CB19:8AE0:0400:F4B3:4745:A73D:7860 Error: (12/14/2017 06:22:13 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Resetting to Probing: 16 Nico1-PC.local. AAAA FE80:0000:0000:0000:F4B3:4745:A73D:7860 System errors: ============= Error: (12/14/2017 07:11:33 PM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY) Description: Une défaillance a été détectée dans la structure du système de fichiers sur le volume C:. Se encontró un daño en una estructura de índice del sistema de archivos. El número de referencia del archivo es 0x7000000056842. El nombre del archivo es "\Users\Nico1\AppData\Local\Packages\Microsoft.BingSports_8wekyb3d8bbwe\LocalState". El atributo de índice dañado es ":$I30:$INDEX_ALLOCATION". Error: (12/14/2017 06:18:09 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Le service Avira Protection Web dépend du service Avira Protection temps réel qui n’a pas pu démarrer en raison de l’erreur : Après démarrage, le service s’est arrêté dans un état d’attente. Error: (12/14/2017 06:18:09 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Le service Avira Protection e-mail dépend du service Avira Protection temps réel qui n’a pas pu démarrer en raison de l’erreur : Après démarrage, le service s’est arrêté dans un état d’attente. Error: (12/14/2017 06:18:02 PM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: Le service Avira Protection temps réel est en attente de démarrage. Error: (12/14/2017 06:18:02 PM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: Le service Avira Protection temps réel est en attente de démarrage. Error: (12/14/2017 06:16:32 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Le service Origin Web Helper Service n’a pas pu démarrer en raison de l’erreur : Le service n’a pas répondu assez vite à la demande de lancement ou de contrôle. Error: (12/14/2017 06:16:32 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Le dépassement de délai (30000 millisecondes) a été atteint lors de l’attente de la connexion du service Origin Web Helper Service. Error: (12/14/2017 06:16:02 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Le service NetTcpActivator dépend du service NetTcpPortSharing qui n’a pas pu démarrer en raison de l’erreur : Le service ne peut pas être démarré parce qu’il est désactivé ou qu’aucun périphérique activé ne lui est associé. Error: (12/14/2017 06:15:57 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Le service CldFlt n’a pas pu démarrer en raison de l’erreur : Cette demande n’est pas prise en charge. Error: (12/14/2017 06:15:57 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: L’arrêt système précédant à 17:31:29 le ‎14/‎12/‎2017 n’était pas prévu. CodeIntegrity: =================================== Date: 2017-10-04 17:39:50.339 Description: Windows is unable to verify the image integrity of the file \Device\CdRom0\CDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-10-04 17:39:49.310 Description: Windows is unable to verify the image integrity of the file \Device\CdRom0\CDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-10-04 17:39:17.032 Description: Windows is unable to verify the image integrity of the file \Device\CdRom0\CDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-10-04 17:39:16.008 Description: Windows is unable to verify the image integrity of the file \Device\CdRom0\CDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-07-17 09:23:58.214 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements. Date: 2017-07-12 20:19:08.031 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i7-2600K CPU @ 3.40GHz Percentage of memory in use: 20% Total physical RAM: 16360.94 MB Available physical RAM: 13017.69 MB Total Virtual: 32744.94 MB Available Virtual: 29071.38 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:118.58 GB) (Free:37.04 GB) NTFS Drive f: () (Fixed) (Total:931.39 GB) (Free:167.64 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 119.2 GB) (Disk ID: CABA6BBD) Partition: GPT. ======================================================== Disk: 1 (Size: 931.5 GB) (Disk ID: DB06718D) Partition: GPT. ==================== End of Addition.txt ============================